Jeremy Pizzala, EY’s Asia-Pacific Cybersecurity Consulting Leader, has raised concerns about the cybersecurity preparedness of organizations, particularly those relying on operational technology (OT) such as Internet of Things (IoT) devices. This warning comes in the wake of a significant cyber attack on DP World Australia, the nation’s largest port operator, which experienced a shutdown across multiple ports due to a breach in its systems.
Pizzala points out that many organizations are lagging in cybersecurity, making them vulnerable to malware, ransomware, or denial of service attacks. These vulnerabilities are especially pronounced in firms heavily dependent on OT, as they often do not prioritize cybersecurity. The impact of such attacks can be extensive, leading to compromised sensitive information, altered data, operational disruptions, financial losses, reputational damage, and customer dissatisfaction.
The increase in supply chain attacks is linked to the rapid adoption of open-source software, digitization, and the integration of OT with IT systems. Organizations that are most secure tend to be those that are highly digitized and aware of the risks, often employing advanced cybersecurity strategies like DevSecOps. This approach integrates security testing throughout the software development process, involving collaboration among developers, security specialists, and operation teams.
To improve cybersecurity, Pizzala recommends several strategies. These include using machine learning-based technologies to identify unusual network behaviors, adopting a zero-trust approach to system access, securing super user credentials in digital vaults, and promptly applying security patches from software producers. These measures are crucial for organizations to protect themselves against the evolving landscape of cyber threats.
Source: Supply Chain
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.